1 Answer
1

I would be extremely reluctant to make that assumption. Lacking strong evidence that running the vulnerable version of Exim in this way is safe, I think you should assume it is unsafe. In particular, I have not seen any analysis of the vulnerability to support your suggested interpretation.

I have seen a statement that the vulnerability "may permit anyone who can send you email to cause code to be executed as the Exim run-time user". If this characterization is accurate, then it sounds like merely running the server on port 465 will not be enough to protect you. Even if the attacker doesn't have the ability to authenticate to Exim, and even if we assume that there is no way to exploit the format string vulnerability before authentication (something that I'm not aware of any evidence for), there are still many ways that an attacker could send you email. (There are also many ways that an attacker may be able to influence one of your legitimate users into unknowingly sending an email with contents of the attacker's choosing.) Thus, it sounds like even if you took your steps, it may still be possible to exploit the vulnerability.

Bottom line: I suggest that you stop using the vulnerable version of Exim and just patch the sucker already.

P.S. For the future, if you want better answers: I suggest you link to the vulnerability report for the particular vulnerability you are curious about in your question.